diff options
author | Patrick McHardy <kaber@trash.net> | 2010-07-28 05:07:33 +0200 |
---|---|---|
committer | Patrick McHardy <kaber@trash.net> | 2010-07-28 09:08:31 +0200 |
commit | 10d50440b57228cb33fa414d92a86a097f85a3b4 (patch) | |
tree | 9e536cf862f805c14f513495c6c9c1c1c368d18b | |
parent | 9e6a9bba93bba788c86c33493a585a502ab2eeb4 (diff) |
example: add generic PP authentication helper
Signed-off-by: Patrick McHardy <kaber@trash.net>
-rw-r--r-- | example/Makefile.in | 1 | ||||
-rw-r--r-- | example/common.h | 7 | ||||
-rw-r--r-- | example/keys.c | 26 | ||||
-rw-r--r-- | example/pp-auth.c | 73 |
4 files changed, 99 insertions, 8 deletions
diff --git a/example/Makefile.in b/example/Makefile.in index d516d9f..03d02b8 100644 --- a/example/Makefile.in +++ b/example/Makefile.in @@ -5,6 +5,7 @@ PROGRAMS += cc ss mm-fp mm-pp pp-access-rights discover hijack destdir := usr/share/dect/examples common-obj += common.o event_ops.o keys.o dummy_ops.o debug.o +pp-common-obj += $(common-obj) pp-auth.o cc-destdir := $(destdir) cc-obj += $(common-obj) diff --git a/example/common.h b/example/common.h index ccf0e36..2be4802 100644 --- a/example/common.h +++ b/example/common.h @@ -22,6 +22,13 @@ extern int dect_write_uak(const struct dect_ipui *ipui, extern int dect_read_uak(const struct dect_ipui *ipui, uint8_t uak[DECT_AUTH_KEY_LEN]); +extern void dect_pp_auth_init(struct dect_ops *ops, + const struct dect_ipui *ipui); + +struct mm_auth_priv { + uint8_t dck[DECT_CIPHER_KEY_LEN]; +}; + extern void pexit(const char *str); #include "../src/ccitt-adpcm/g72x.h" diff --git a/example/keys.c b/example/keys.c index 56b4a5e..958e1d7 100644 --- a/example/keys.c +++ b/example/keys.c @@ -38,28 +38,38 @@ int dect_write_uak(const struct dect_ipui *ipui, int dect_read_uak(const struct dect_ipui *ipui, uint8_t _uak[DECT_AUTH_KEY_LEN]) { struct dect_ipui ripui; - uint8_t uak[16]; + uint8_t uak[DECT_AUTH_KEY_LEN]; unsigned int i; FILE *f; f = dect_keyfile_open("r"); if (f == NULL) - return -1; + goto err; - if (fscanf(f, "N|%04hx|%05x|", &ripui.pun.n.ipei.emc, &ripui.pun.n.ipei.psn) != 2) - return -1; + memset(&ripui, 0, sizeof(ripui)); + ripui.put = DECT_IPUI_N; + + if (fscanf(f, "N|%04hx|%05x|", + &ripui.pun.n.ipei.emc, + &ripui.pun.n.ipei.psn) != 2) + goto err; for (i = 0; i < DECT_AUTH_KEY_LEN; i++) { if (fscanf(f, "%02hhx", &uak[i]) != 1) - return -1; + goto err; } - if (ipui->pun.n.ipei.emc != ripui.pun.n.ipei.emc || - ipui->pun.n.ipei.psn != ripui.pun.n.ipei.psn) - return -1; + if (dect_ipui_cmp(ipui, &ripui)) + goto err; memcpy(_uak, uak, DECT_AUTH_KEY_LEN); fclose(f); return 0; + +err: + fprintf(stderr, "Could not find UAK for IPUI N %4x %5x, use " + "'pp-access-rights' to allocate a new one\n", + ipui->pun.n.ipei.emc, ipui->pun.n.ipei.psn); + return -1; } diff --git a/example/pp-auth.c b/example/pp-auth.c new file mode 100644 index 0000000..0708e6f --- /dev/null +++ b/example/pp-auth.c @@ -0,0 +1,73 @@ +/* + * DECT PP authentication helpers + * + * Copyright (c) 2010 Patrick McHardy <kaber@trash.net> + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 as + * published by the Free Software Foundation. + */ + +#include <stdio.h> +#include <stdlib.h> + +#include <dect/libdect.h> +#include <dect/auth.h> +#include "common.h" + +static const struct dect_ipui *auth_ipui; + +static void dect_mm_cipher_ind(struct dect_handle *dh, + struct dect_mm_endpoint *mme, + struct dect_mm_cipher_param *param) +{ + struct mm_auth_priv *priv = dect_mm_priv(mme); + struct dect_mm_cipher_param reply = { + .cipher_info = param->cipher_info, + }; + + dect_mm_cipher_res(dh, mme, true, &reply, priv->dck); +} + +static void dect_mm_authenticate_ind(struct dect_handle *dh, + struct dect_mm_endpoint *mme, + struct dect_mm_authenticate_param *param) +{ + struct mm_auth_priv *priv = dect_mm_priv(mme); + struct dect_ie_auth_res res1; + struct dect_mm_authenticate_param reply = { + .res = &res1, + }; + uint8_t uak[DECT_AUTH_KEY_LEN]; + uint8_t k[DECT_AUTH_KEY_LEN], ks[DECT_AUTH_KEY_LEN]; + bool accept = false; + + if (dect_read_uak(auth_ipui, uak) < 0) + goto out; + + dect_auth_b1(uak, sizeof(uak), k); + + dect_auth_a11(k, param->rs->value, ks); + dect_auth_a12(ks, param->rand->value, priv->dck, &res1.value); + accept = true; +out: + dect_mm_authenticate_res(dh, mme, accept, &reply); +} + +static struct dect_mm_ops dect_mm_ops; + +void dect_pp_auth_init(struct dect_ops *ops, const struct dect_ipui *ipui) +{ + struct dect_mm_ops *mm_ops; + + if (!ops->mm_ops) + ops->mm_ops = &dect_mm_ops; + mm_ops = (struct dect_mm_ops *)ops->mm_ops; + + if (!mm_ops->priv_size) + mm_ops->priv_size = sizeof(struct mm_auth_priv); + mm_ops->mm_authenticate_ind = dect_mm_authenticate_ind; + mm_ops->mm_cipher_ind = dect_mm_cipher_ind; + + auth_ipui = ipui; +} |